[net-next] tipc: add check for mon's self in tipc_mon_reinit_self
5 views
Skip to first unread message
Tianyi Jing
Sep 18, 2024, 3:22:17 AM9/18/24
to hust-os-ker...@googlegroups.com, dz...@hust.edu.cn, Tianyi Jing, syzbot+c13de7...@syzkaller.appspotmail.com
Syzbot reports, mon->self may be NULL in tipc_mon_reinit_self, leading to
null pointer dereference.
Fixed by adding check for mon's self.
Fixes: 46cb01eeeb86 ("tipc: update mon's self addr when node addr generated")
Reported-by: syzbot+c13de7...@syzkaller.appspotmail.com
Closes: https://lore.kernel.org/all/00000000000088...@google.com/
Signed-off-by: Tianyi Jing <jing...@hust.edu.cn>
---
net/tipc/monitor.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/tipc/monitor.c b/net/tipc/monitor.c
index e2f19627e43d..c32ba706cfed 100644
--- a/net/tipc/monitor.c
+++ b/net/tipc/monitor.c
@@ -713,7 +713,7 @@ void tipc_mon_reinit_self(struct net *net)
for (bearer_id = 0; bearer_id < MAX_BEARERS; bearer_id++) {
mon = tipc_monitor(net, bearer_id);
- if (!mon)
+ if (!mon || !mon->self)
continue;
write_lock_bh(&mon->lock);
mon->self->addr = tipc_own_addr(net);
--
2.34.1
null pointer dereference.
Fixed by adding check for mon's self.
Fixes: 46cb01eeeb86 ("tipc: update mon's self addr when node addr generated")
Reported-by: syzbot+c13de7...@syzkaller.appspotmail.com
Closes: https://lore.kernel.org/all/00000000000088...@google.com/
Signed-off-by: Tianyi Jing <jing...@hust.edu.cn>
---
net/tipc/monitor.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/tipc/monitor.c b/net/tipc/monitor.c
index e2f19627e43d..c32ba706cfed 100644
--- a/net/tipc/monitor.c
+++ b/net/tipc/monitor.c
@@ -713,7 +713,7 @@ void tipc_mon_reinit_self(struct net *net)
for (bearer_id = 0; bearer_id < MAX_BEARERS; bearer_id++) {
mon = tipc_monitor(net, bearer_id);
- if (!mon)
+ if (!mon || !mon->self)
continue;
write_lock_bh(&mon->lock);
mon->self->addr = tipc_own_addr(net);
--
2.34.1
Reply all
Reply to author
Forward
0 new messages